I went down this path, but installing CA certificates is a pain. There isn't just one trust store per device, there are many. Make your own CA if want to find out how many there are...
Like others I went with just having my own domain and getting real certs for things.